OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 // | |
5 // Mutex to guarantee serialization of RLZ key accesses. | |
6 | |
7 #include "rlz/win/lib/lib_mutex.h" | |
8 | |
9 #include <windows.h> | |
10 #include <Sddl.h> // For SDDL_REVISION_1, ConvertStringSecurityDescript.. | |
11 #include <Aclapi.h> // For SetSecurityInfo | |
12 | |
13 #include "base/logging.h" | |
14 #include "base/win/windows_version.h" | |
15 | |
16 namespace { | |
17 | |
18 const wchar_t kMutexName[] = L"{A946A6A9-917E-4949-B9BC-6BADA8C7FD63}"; | |
19 | |
20 } // namespace anonymous | |
21 | |
22 namespace rlz_lib { | |
23 | |
24 // Needed to allow synchronization across integrity levels. | |
25 static bool SetObjectToLowIntegrity(HANDLE object, | |
26 SE_OBJECT_TYPE type = SE_KERNEL_OBJECT) { | |
27 if (base::win::GetVersion() < base::win::VERSION_VISTA) | |
28 return true; // Not needed on XP. | |
29 | |
30 // The LABEL_SECURITY_INFORMATION SDDL SACL to be set for low integrity. | |
31 static const wchar_t kLowIntegritySddlSacl[] = L"S:(ML;;NW;;;LW)"; | |
32 | |
33 bool result = false; | |
34 DWORD error = ERROR_SUCCESS; | |
35 PSECURITY_DESCRIPTOR security_descriptor = NULL; | |
36 PACL sacl = NULL; | |
37 BOOL sacl_present = FALSE; | |
38 BOOL sacl_defaulted = FALSE; | |
39 | |
40 if (ConvertStringSecurityDescriptorToSecurityDescriptorW( | |
41 kLowIntegritySddlSacl, SDDL_REVISION_1, &security_descriptor, NULL)) { | |
42 if (GetSecurityDescriptorSacl(security_descriptor, &sacl_present, | |
43 &sacl, &sacl_defaulted)) { | |
44 error = SetSecurityInfo(object, type, LABEL_SECURITY_INFORMATION, | |
45 NULL, NULL, NULL, sacl); | |
46 result = (ERROR_SUCCESS == error); | |
47 } | |
48 LocalFree(security_descriptor); | |
49 } | |
50 | |
51 return result; | |
52 } | |
53 | |
54 LibMutex::LibMutex() : acquired_(false), mutex_(NULL) { | |
55 mutex_ = CreateMutex(NULL, false, kMutexName); | |
56 bool result = SetObjectToLowIntegrity(mutex_); | |
57 if (result) { | |
58 acquired_ = (WAIT_OBJECT_0 == WaitForSingleObject(mutex_, 5000L)); | |
59 } | |
60 } | |
61 | |
62 LibMutex::~LibMutex() { | |
63 if (acquired_) ReleaseMutex(mutex_); | |
64 CloseHandle(mutex_); | |
65 } | |
66 | |
67 } // namespace rlz_lib | |
OLD | NEW |